Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A method of performing a security test at a payment terminal, the method comprising: storing, by a processing unit of the payment terminal, information in memory of the payment terminal; providing a direct connection between the memory and a secure processing portion of the payment terminal, the secure processing portion physically and logically protected from tamper attempts; accessing, by the secure processing portion, the memory via direct memory access using the direct connection; comparing, by the secure processing portion, the accessed information to corresponding evaluation criteria stored by the payment terminal; determining, by the secure processing portion, whether there is a discrepancy between the accessed information and the evaluation criteria; and initiating, by the secure processing portion, a response action in response to the determination of a discrepancy between the accessed information and the evaluation criteria.
Payment terminals require robust security measures to prevent tampering and unauthorized access. A method for performing security tests at a payment terminal involves storing information in the terminal's memory, which is directly connected to a secure processing portion. This secure processing portion is both physically and logically protected against tampering. The secure processing portion accesses the memory via direct memory access (DMA) through the direct connection. It then compares the accessed information to predefined evaluation criteria stored within the terminal. If a discrepancy is detected between the accessed information and the evaluation criteria, the secure processing portion initiates a response action. This response could include locking the terminal, logging the event, or triggering an alert to prevent potential security breaches. The method ensures that critical security checks are performed within a protected environment, minimizing the risk of tampering or unauthorized modifications to the terminal's memory. The direct connection and DMA access allow for efficient and secure verification of the terminal's integrity.
2. The method of claim 1, wherein the determination of a discrepancy between the accessed information and the evaluation criteria indicates that the payment terminal is performing forbidden operations.
A system and method for detecting unauthorized or forbidden operations in a payment terminal involves monitoring the terminal's activities and comparing them against predefined evaluation criteria. The payment terminal processes financial transactions, such as card payments, and must comply with security and operational regulations. The method accesses information related to the terminal's operations, such as transaction logs, system configurations, or communication patterns. This accessed information is then evaluated against a set of criteria designed to identify deviations from authorized behavior. If a discrepancy is detected between the accessed information and the evaluation criteria, it indicates that the payment terminal is performing operations that violate security protocols, regulatory requirements, or operational policies. The system may trigger alerts, log the discrepancy, or take corrective actions to mitigate risks. This approach enhances security by proactively identifying and addressing unauthorized activities in payment terminals, reducing the risk of fraud, data breaches, or non-compliance with financial regulations. The method ensures that payment terminals operate within approved parameters, maintaining trust and integrity in financial transactions.
3. The method of claim 1, wherein the evaluation criteria are stored in a secure memory portion of the payment terminal, the secure memory portion physically and logically protected from tamper attempts.
A payment terminal system evaluates transactions using secure evaluation criteria stored in a protected memory portion. The secure memory is both physically and logically isolated to prevent unauthorized access or tampering. This ensures that the criteria used to assess transaction validity, such as authentication, authorization, or fraud detection rules, remain intact and tamper-proof. The secure memory may be implemented using hardware-based security measures, such as a secure enclave, trusted execution environment, or dedicated security chip, combined with cryptographic protections like encryption and access controls. The system enforces strict access policies, requiring authentication and authorization before any read or write operations are permitted. Physical tampering is prevented through tamper-resistant packaging, tamper-evident seals, or self-destruct mechanisms that erase sensitive data if intrusion is detected. This approach ensures that the evaluation criteria cannot be altered by malicious actors, maintaining the integrity and security of the payment process. The secure memory may also store cryptographic keys, certificates, or other sensitive data used in transaction processing. The system may further log access attempts and tamper events for auditing purposes. This method enhances payment security by protecting the core rules that govern transaction approval or rejection.
4. The method of claim 1, wherein the processing unit of the payment terminal comprises an application processing unit and the secure processing portion is incorporated within the application processing unit.
A payment terminal system includes a processing unit with an application processing unit and a secure processing portion integrated within the application processing unit. The system is designed to enhance security and efficiency in payment transactions. The secure processing portion handles sensitive operations such as cryptographic functions, secure data storage, and transaction authentication, while the application processing unit manages general payment processing tasks like user interface interactions, communication with external systems, and transaction logging. By integrating the secure processing portion within the application processing unit, the system reduces hardware complexity and improves performance by minimizing data transfer between separate processing components. This architecture ensures that sensitive operations are isolated within a trusted execution environment while maintaining seamless interaction with the broader payment workflow. The system is particularly useful in environments where both high security and efficient transaction processing are required, such as point-of-sale terminals, mobile payment devices, and automated kiosks. The integration of secure and application processing units within a single hardware component simplifies manufacturing and reduces costs while maintaining robust security standards.
5. The method of claim 1, wherein the processing unit of the payment terminal comprises an application processing unit and the secure processing portion is incorporated in a memory scanning system separate from the application processing unit.
A payment terminal system is designed to enhance security in financial transactions by isolating sensitive payment processing functions from the main application processing unit. The system includes a processing unit with an application processing unit and a secure processing portion. The secure processing portion is physically and logically separated from the application processing unit, being incorporated into a memory scanning system. This separation ensures that sensitive payment data, such as encryption keys and transaction details, are processed in a secure environment, reducing the risk of unauthorized access or tampering. The memory scanning system monitors and controls access to memory areas where sensitive data is stored, further enhancing security. By isolating the secure processing portion, the system prevents potential vulnerabilities in the application processing unit from compromising payment security. This approach is particularly useful in preventing attacks that exploit software flaws or malware in the main processing environment. The overall design improves the security of payment terminals by maintaining strict isolation between secure and non-secure components, ensuring compliance with industry security standards.
6. The method of claim 1, further comprising transmitting, by the secure processing portion, a message to a payment server in response to the determination of a discrepancy between the accessed information and the evaluation criteria, wherein the message includes the accessed information and information indicative of the determination of a discrepancy.
A system and method for secure payment processing involves verifying transaction data against predefined criteria to detect discrepancies. The system includes a secure processing portion that accesses transaction information, such as payment details, user credentials, or device identifiers, and evaluates this data against stored evaluation criteria, such as fraud detection rules or transaction limits. If a discrepancy is detected—such as a mismatch between the transaction amount and a user's spending limit or an unrecognized device—the secure processing portion generates a message containing the accessed transaction data and an indication of the discrepancy. This message is transmitted to a payment server for further action, such as flagging the transaction for review or blocking the payment. The system ensures secure handling of sensitive data by isolating the evaluation process within a trusted execution environment, preventing unauthorized access or tampering. The method enhances payment security by automating discrepancy detection and enabling real-time intervention, reducing fraud risks and improving transaction reliability.
7. The method of claim 6, further comprising: receiving, by the secure processing portion, a response message from the payment server indicating tampering at the payment terminal; and preventing, by the secure processing portion, processing of transactions in response to the response message.
This invention relates to secure payment processing systems designed to detect and prevent tampering at payment terminals. The method involves a secure processing portion of a payment terminal that communicates with a payment server to verify transaction integrity. If the payment server detects tampering or unauthorized modifications at the terminal, it sends a response message indicating the tampering. Upon receiving this message, the secure processing portion immediately halts all transaction processing to prevent fraudulent or compromised transactions. This ensures that any tampered terminal cannot be used for further transactions until the issue is resolved. The secure processing portion acts as an independent verification module that enforces security policies by blocking transactions when tampering is confirmed. This approach enhances payment security by combining real-time monitoring with automated enforcement to mitigate risks associated with compromised terminals. The system is particularly useful in environments where payment terminals may be physically or digitally tampered with, such as retail or online payment systems.
8. A method of performing a security test at a device, the method comprising: storing, by a processing unit of the device, information in memory of the device via a first connection; providing a second connection between the memory and a memory scanning system of the device, the second connection being a direct connection that is separate from the first connection; accessing, by the memory scanning system, information stored in the memory via direct memory access using the second connection; comparing, by the memory scanning system, the accessed information to corresponding evaluation criteria stored by the memory scanning system; determining, by the memory scanning system, whether there is a discrepancy between the accessed information and the evaluation criteria; and initiating, by the memory scanning system, a response action in response to the determination of a discrepancy between the accessed information and the evaluation criteria.
The invention relates to a method for performing security testing on a device by monitoring memory content for discrepancies. The method addresses the problem of detecting unauthorized or malicious modifications to stored data by implementing a dedicated memory scanning system that operates independently of the primary data storage process. The device includes a processing unit that stores information in memory via a first connection, such as a standard data bus. A second, separate connection is established between the memory and a memory scanning system, ensuring direct and isolated access to the stored data. The memory scanning system uses direct memory access (DMA) over this second connection to read the stored information without interfering with the primary data flow. The accessed data is then compared against predefined evaluation criteria, which may include expected values, integrity checks, or security policies. If a discrepancy is detected, the memory scanning system triggers a response action, such as logging the event, alerting the user, or initiating countermeasures. This approach enhances security by providing real-time monitoring of memory content while maintaining separation between the scanning process and normal data operations.
9. The method of claim 8, wherein the determination of a discrepancy between the accessed information and the evaluation criteria indicates that the device is performing forbidden operations.
A system and method for detecting unauthorized device operations involves monitoring a device's behavior to identify discrepancies between its actual operations and predefined evaluation criteria. The device's information, such as logs, configurations, or activity patterns, is accessed and compared against the criteria, which define permissible operations. If a discrepancy is detected, it indicates that the device is performing forbidden operations, such as unauthorized data access, unauthorized software execution, or other prohibited activities. The evaluation criteria may include rules, policies, or behavioral baselines that dictate acceptable device behavior. The system may further analyze the nature of the discrepancy to determine the severity or type of forbidden operation being performed. This approach helps enforce security policies, prevent malicious activities, and ensure compliance with organizational or regulatory requirements. The method can be applied to various devices, including computers, servers, or IoT devices, to detect and mitigate unauthorized or malicious behavior.
10. The method of claim 8, wherein the accessing information stored in the memory includes accessing information stored in the memory with a memory access controller of the memory scanning system.
A memory scanning system is used to detect and analyze data stored in memory, particularly in scenarios where memory contents need to be examined for security, debugging, or forensic purposes. A challenge in such systems is efficiently and accurately retrieving stored information while minimizing disruptions to system operations. This invention addresses this problem by using a memory access controller to manage and control the retrieval of data from memory. The memory access controller ensures that data is accessed in a controlled manner, preventing conflicts or errors during the scanning process. The controller may prioritize certain memory regions, handle access permissions, or optimize the scanning sequence to improve efficiency. By integrating the memory access controller into the scanning system, the invention ensures reliable and secure access to memory contents, enhancing the overall performance and accuracy of the scanning process. This approach is particularly useful in environments where memory integrity and system stability are critical, such as in cybersecurity applications or real-time system monitoring. The method improves upon existing techniques by providing a more structured and controlled way to interact with memory, reducing the risk of data corruption or system crashes during scanning operations.
11. The method of claim 8, wherein the memory scanning system is incorporated within the processing unit of the device.
A method for enhancing memory scanning efficiency in electronic devices involves integrating a memory scanning system directly within the processing unit of the device. The processing unit executes a memory scanning process to detect and mitigate security threats, such as malware or unauthorized access, by analyzing memory contents in real time. The scanning system operates by monitoring memory access patterns, identifying suspicious activities, and applying security measures to prevent or neutralize threats. By incorporating the scanning system within the processing unit, the method reduces latency and improves performance compared to external scanning solutions. The processing unit may also include additional components, such as a dedicated scanning module or hardware accelerators, to optimize the scanning process. The method ensures continuous and efficient memory monitoring without significantly impacting the device's overall performance. This approach is particularly useful in high-security environments where real-time threat detection and response are critical.
12. The method of claim 8, wherein the memory scanning system is incorporated in a separate module from the processing unit of the device.
A system and method for memory scanning in electronic devices addresses the challenge of efficiently detecting and mitigating security threats, such as malware or unauthorized access, by scanning memory contents in real time. The invention involves a memory scanning system that operates independently of the device's primary processing unit, reducing performance overhead and ensuring continuous monitoring without disrupting normal device operations. The scanning system is designed to analyze memory contents for suspicious patterns, anomalies, or known malicious signatures, providing alerts or triggering countermeasures when threats are detected. By operating as a separate module, the system avoids resource contention with the main processor, allowing for uninterrupted scanning even during high-load conditions. This modular approach enhances security by ensuring that memory monitoring remains active regardless of the device's operational state, making it particularly useful in environments where real-time threat detection is critical, such as in embedded systems, IoT devices, or high-security computing environments. The system may also include configurable scanning parameters, allowing users or administrators to adjust sensitivity, frequency, or target memory regions based on specific security requirements.
13. The method of claim 8, wherein the accessing information stored in memory includes obtaining information about an operating system of the device.
A system and method for accessing and utilizing device information stored in memory, particularly for managing and optimizing device operations. The technology addresses the challenge of efficiently retrieving and processing relevant data from a device's memory to enhance performance, security, or functionality. The method involves accessing stored information in the device's memory, which includes obtaining details about the device's operating system. This operating system information may include version data, configuration settings, or other system-specific parameters that influence device behavior. The retrieved data is then used to perform various operations, such as adjusting system settings, applying updates, or enforcing security policies. The method ensures that the accessed information is accurate and up-to-date, enabling reliable decision-making for device management tasks. By leveraging this approach, the system can dynamically adapt to different operating environments, improving overall device efficiency and user experience. The technique is applicable to various computing devices, including smartphones, tablets, and embedded systems, where real-time access to system information is critical for optimal performance.
14. A device for performing a security test, comprising: at least one memory; at least one processing unit coupled to the at least one memory by a first connection, wherein the at least one processing unit is configured to store information in the at least one memory via the first connection; a memory scanning system coupled to the at least one memory by a second connection, wherein the second connection is a direct connection that is separate from the first connection, the memory scanning system including a processing portion and a memory portion, wherein the memory portion comprises instructions that cause the processing portion to: access information stored in the at least one memory via direct read access using the second connection; compare the accessed information to corresponding evaluation criteria stored in the memory portion of the memory scanning system; determine whether there is a discrepancy between the accessed information and the evaluation criteria; and initiate a response action in response to the determination of a discrepancy between the accessed information and the evaluation criteria.
The invention relates to a security testing device designed to monitor and evaluate data integrity in a computing system. The device addresses the problem of detecting unauthorized or malicious modifications to stored information by providing a dedicated, isolated scanning system that operates independently of the primary processing unit. This separation ensures that the scanning process remains unaffected by potential compromises in the main system. The device includes at least one memory and at least one processing unit connected to the memory via a first connection, allowing the processing unit to store and manage data. A separate memory scanning system is directly coupled to the memory via a second, distinct connection, ensuring independent access. The scanning system comprises a processing portion and a memory portion. The memory portion contains instructions that direct the processing portion to perform several functions: accessing stored information via direct read access through the second connection, comparing the accessed data against predefined evaluation criteria stored in the scanning system's memory, determining if discrepancies exist between the data and the criteria, and initiating a response action if a discrepancy is detected. This isolated architecture enhances security by preventing tampering with the scanning process and ensuring reliable detection of data inconsistencies.
15. The device of claim 14, wherein the memory scanning system is separate from the at least one processing unit.
A system for memory scanning in computing devices addresses the challenge of efficiently detecting and mitigating security threats, such as malware or unauthorized access, by monitoring memory usage in real time. The system includes at least one processing unit and a memory scanning system that operates independently to analyze memory contents for suspicious patterns or anomalies. The separation of the memory scanning system from the processing unit ensures that the scanning process does not interfere with the device's normal operations, maintaining performance while enhancing security. The memory scanning system may employ various techniques, such as signature-based detection, heuristic analysis, or machine learning models, to identify potential threats. By operating autonomously, the system can continuously monitor memory without relying on the processing unit's resources, reducing latency and improving detection accuracy. This design is particularly useful in high-security environments where real-time threat detection is critical, such as in enterprise networks, financial systems, or embedded devices. The standalone memory scanning system ensures that security operations remain robust even if the primary processing unit is compromised or under heavy load.
16. The device of claim 14, wherein the memory scanning system is included within the at least one processing unit.
A system for detecting and mitigating malicious software in a computing environment involves a memory scanning system integrated within a processing unit. The system monitors memory operations to identify unauthorized or suspicious activities, such as unauthorized access, data corruption, or execution of malicious code. The memory scanning system operates in real-time, analyzing memory contents and transactions to detect anomalies that may indicate the presence of malware or other security threats. When a threat is detected, the system can trigger countermeasures, such as isolating affected memory regions, terminating malicious processes, or alerting security personnel. The integration of the memory scanning system within the processing unit ensures low-latency detection and response, minimizing the impact of potential attacks. This approach enhances system security by providing proactive monitoring and immediate intervention, reducing the risk of data breaches or system compromises. The system is particularly useful in environments where real-time protection against advanced threats is critical, such as in enterprise networks, financial systems, or critical infrastructure.
17. The device of claim 16, wherein the at least one processing unit comprises a secure enclave, wherein the processing portion of the memory scanning system and the memory portion of the memory scanning system are included within the secure enclave.
A secure computing device includes a memory scanning system designed to detect and mitigate malicious code or unauthorized access within a computing environment. The system comprises at least one processing unit and a memory scanning system that operates to scan memory for security threats. The processing unit includes a secure enclave, a hardware-based security feature that isolates sensitive operations from the rest of the system. Both the processing portion and the memory portion of the memory scanning system are contained within this secure enclave, ensuring that critical security functions are protected from external tampering or unauthorized access. The secure enclave provides a trusted execution environment, preventing unauthorized software or processes from interfering with the memory scanning operations. This design enhances the integrity and confidentiality of the scanning process, making it more resilient against attacks that target memory or system vulnerabilities. The system is particularly useful in environments where high security is required, such as financial transactions, government systems, or sensitive data processing. By isolating the memory scanning components within a secure enclave, the device ensures that security checks remain reliable and tamper-proof.
18. The device of claim 14, wherein the memory scanning system comprises a memory access controller to access the at least one memory in response to instructions from the processing portion.
A memory scanning system is designed to monitor and analyze memory usage in electronic devices, particularly in systems where memory integrity and performance are critical. The system addresses challenges such as unauthorized memory access, data corruption, and inefficient memory utilization by providing real-time monitoring and control over memory operations. The memory scanning system includes a memory access controller that interacts with one or more memory units. This controller is responsible for accessing memory in response to instructions from a processing portion of the system, which may include a central processing unit (CPU) or a dedicated processor. The processing portion generates commands to read, write, or modify memory contents, and the memory access controller executes these commands while ensuring secure and efficient memory operations. The system may also include additional components, such as a memory integrity checker, to verify data consistency and detect potential security threats. By integrating these features, the memory scanning system enhances memory management, reduces vulnerabilities, and improves overall system performance. The memory access controller ensures that memory operations are performed in a controlled and secure manner, preventing unauthorized access and maintaining data integrity. This approach is particularly useful in environments where memory security and reliability are paramount, such as in embedded systems, IoT devices, and high-performance computing applications.
19. The device of claim 14, wherein the evaluation criteria includes a plurality of test criteria and wherein the discrepancy between the accessed information and the evaluation criteria indicates that the at least one processing unit is performing forbidden operations.
This invention relates to a device for monitoring and evaluating the performance of processing units, particularly to detect unauthorized or forbidden operations. The device includes at least one processing unit and a monitoring system that accesses information related to the processing unit's operations. The monitoring system evaluates this information against predefined evaluation criteria, which consist of multiple test criteria. If the accessed information deviates from these criteria, the device identifies that the processing unit is performing forbidden operations. The evaluation criteria may include rules, thresholds, or behavioral patterns that define acceptable and unacceptable operations. The monitoring system may generate alerts, log discrepancies, or trigger corrective actions when forbidden operations are detected. This invention is useful in security applications, compliance monitoring, and system integrity verification, ensuring that processing units operate within authorized parameters. The device may be implemented in hardware, software, or a combination of both, and can be applied to various computing environments, including embedded systems, servers, and network devices. The primary problem addressed is the need to detect and prevent unauthorized or malicious activities in processing units, enhancing system security and operational reliability.
20. The device of claim 19, wherein the instructions in the memory portion cause the processing portion to send a message via a networking stack in the at least one memory in response to the determination that the at least one processing unit is performing forbidden operations.
A system for monitoring and controlling processing operations in a computing device includes at least one processing unit and at least one memory storing executable instructions. The system detects when the processing unit performs forbidden operations, such as unauthorized access or execution of restricted code. Upon detection, the system sends a message via a networking stack in the memory to report the violation or trigger a security response. The networking stack facilitates communication over a network, allowing the device to transmit alerts or logs to a remote server or security system. The instructions in memory also enable the processing unit to enforce security policies, such as blocking further execution of forbidden operations or isolating affected processes. The system may include multiple processing units and memory modules, with the instructions distributed across them to ensure coordinated monitoring and enforcement. The networking stack ensures reliable message transmission, even if the processing unit is compromised, by using dedicated memory and processing resources. This approach enhances security by detecting and responding to unauthorized activities in real-time, preventing further exploitation of vulnerabilities.
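The scan loop recited in claims 8, 14 and 19 (read memory over a path separate from the processing unit's, compare against criteria held by the scanner, respond to a discrepancy) can be modelled in software as below. This is an added illustration, not code from the patent or its assignee. All names are hypothetical, the two "connections" are modelled as a write function and a read-only accessor, FNV-1a stands in for the cryptographic digest a real scanner would use, and blocking transactions is one assumed response action.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE 256
#define MAX_CRIT 4

/* Constructed stand-in for the device memory shared by both paths. */
static uint8_t device_memory[MEM_SIZE];

/* First connection: the processing unit's read/write path. */
static void cpu_store(size_t off, const void *src, size_t len) {
    if (off <= MEM_SIZE && len <= MEM_SIZE - off)
        memcpy(&device_memory[off], src, len);
}

/* Second connection: the scanner's own read-only path (models direct read
 * access). Returns NULL for a range outside the memory. */
static const uint8_t *scanner_read(size_t off, size_t len) {
    if (off > MEM_SIZE || len > MEM_SIZE - off)
        return NULL;
    return &device_memory[off];
}

/* Non-cryptographic digest, used here only to keep the example short. */
static uint64_t fnv1a64(const uint8_t *p, size_t n) {
    uint64_t h = 0xcbf29ce484222325ULL;
    while (n--) { h ^= *p++; h *= 0x100000001b3ULL; }
    return h;
}

enum crit_kind {
    CRIT_DIGEST,        /* region must still match its provisioned digest */
    CRIT_MUST_BE_ZERO   /* region must stay clear, e.g. a debug-enable flag */
};

struct criterion {
    const char *name;
    enum crit_kind kind;
    size_t off, len;
    uint64_t expected;  /* baseline digest, meaningful for CRIT_DIGEST */
};

/* Scanner state. The criteria live here, not in the scanned memory, so the
 * processing unit cannot rewrite them through cpu_store(). */
struct scanner {
    struct criterion crit[MAX_CRIT];
    size_t ncrit;
    int transactions_blocked;   /* assumed response action */
    const char *last_failed;    /* name of the last failing criterion */
};

/* Provision one criterion from the current, known-good memory state. */
static int scanner_add(struct scanner *s, const char *name,
                       enum crit_kind kind, size_t off, size_t len) {
    const uint8_t *p = scanner_read(off, len);
    if (p == NULL || s->ncrit >= MAX_CRIT)
        return -1;
    struct criterion *c = &s->crit[s->ncrit++];
    c->name = name; c->kind = kind; c->off = off; c->len = len;
    c->expected = (kind == CRIT_DIGEST) ? fnv1a64(p, len) : 0;
    return 0;
}

/* One scan pass: access, compare, determine, respond.
 * Returns the number of criteria that showed a discrepancy. */
static int scanner_scan(struct scanner *s) {
    int discrepancies = 0;
    for (size_t i = 0; i < s->ncrit; i++) {
        const struct criterion *c = &s->crit[i];
        const uint8_t *p = scanner_read(c->off, c->len);
        int bad = 0;
        if (p == NULL) {
            bad = 1;                       /* unreadable counts as failure */
        } else if (c->kind == CRIT_DIGEST) {
            bad = fnv1a64(p, c->len) != c->expected;
        } else {
            for (size_t j = 0; j < c->len; j++)
                bad |= (p[j] != 0);
        }
        if (bad) { discrepancies++; s->last_failed = c->name; }
    }
    if (discrepancies)
        s->transactions_blocked = 1;       /* response action */
    return discrepancies;
}

int main(void) {
    struct scanner s = {0};
    uint8_t flag = 1;
    cpu_store(0, "PAYMENT-APP-v1", 14);    /* constructed sample contents */
    scanner_add(&s, "app_code", CRIT_DIGEST, 0, 32);
    scanner_add(&s, "debug_flag", CRIT_MUST_BE_ZERO, 64, 1);
    printf("clean scan: %d discrepancies\n", scanner_scan(&s));
    cpu_store(64, &flag, 1);               /* processing unit sets the flag */
    printf("after write: %d discrepancies, blocked=%d (%s)\n",
           scanner_scan(&s), s.transactions_blocked, s.last_failed);
    return 0;
}
```
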
January 7, 2020